| CHEMICAL INDUSTRY JOURNAL |
| cyber security |
Chemical manufacturers must take application security more seriously the threats coming from ransomware groups, nation state hackers and business rivals.
Stephane Konarkowski, security consultant at Outpost24, warns that cybercrime is a massive and growing threat to the industry. Chemical manufacturing as a broad term encapsulates a wide variety of processes and procedures that manifest in a global multi-billion-dollar industry. These organisations are crucial to our way of life, producing essential services and products required for critical national infrastructure (CNI). Imagine your life without any of these essentials if cybercriminals were able to disrupt the production or infiltrate the information technology (IT) systems of these core products and services. Cybercriminals have been targeting these organisations and the supply chain in recent years including Brenntag, a chemical distribution company, which was forced to pay a $4.4 million ransom to the Darkside ransomware gang. With the cost of a cyberattack expected to rise globally to $10.5 trillion by 2025, the chemical manufacturing industry is becoming increasingly vulnerable, and must be aware of
As cybersecurity budgets are stretched to cope with other operational security controls, it is essential that decision-makers within the manufacturing vertical utilise their budget more wisely to prevent unsecured assets from becoming prime targets.
With the challenge of the pandemic, chemical manufacturing played a pivotal role in the production of vaccines and medicines. This means that an attack on a chemical manufacturing plant could impact human lives. In fact, the need for better cybersecurity in the industry is well recognised, with US Congress’s push for the ‘Strengthening American Cybersecurity Act of 2022’. This cross-party act would require chemical manufacturers and distributers as well as other businesses supplying CNI to report a cyberattack within 72 hours. However, manufacturing companies should not wait until a law is mandated to secure an area within their digital ecosystem that is often overlooked – web applications, as the exploitation of unpatched software is now the prime reason for a data breach for the industry.
SIZING UP THE EXTERNAL ATTACK SURFACE In order to ascertain the state of application security Outpost24 has conducted a detailed analysis of the internet exposure and security posture of the biggest chemical manufacturers in the EU, uncovering concerning levels of vulnerabilities and weak spots in their digital footprint. The findings reveal a rather large external attack surface for top chemical manufacturers, with a total of 22,507 internet exposed web applications over 6,175 domains. When these were scanned, a percentage of them were identified as testing/staging environments that shouldn’t be exposed. Additionally, some of the applications were utilising outdated components which contain known vulnerabilities, a major security issue used by threat actors for ransomware attacks. There was even evidence of compromised web applications where user credentials and password have been unknowingly disclosed in the deep and dark web, waiting to be exploited.
TOP ATTACK VECTORS IN CHEMICAL MANUFACTURING APPLICATIONS Amongst the most common attack vectors in web applications, the following were identified as the biggest risks in their web applications: Security mechanisms (SM): When data sent over the internet between the user and the application wasn’t encrypted it can allow eavesdroppers and hackers to
14
